Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:34476 - Security Advisory
Issued:
2026-07-01
Updated:
2026-07-01

RHSA-2026:34476 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: vim security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for vim is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

  • vim: arbitrary command execution via modeline sandbox bypass (CVE-2026-34982)
  • vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass (CVE-2026-35177)
  • vim: Vim: Command injection allows arbitrary code execution via malicious tag files (CVE-2026-41411)
  • vim: command injection when decompressing .tgz archives (CVE-2026-46483)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2455400 - CVE-2026-34982 vim: arbitrary command execution via modeline sandbox bypass
  • BZ - 2455542 - CVE-2026-35177 vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass
  • BZ - 2461614 - CVE-2026-41411 vim: Vim: Command injection allows arbitrary code execution via malicious tag files
  • BZ - 2477915 - CVE-2026-46483 vim: command injection when decompressing .tgz archives

CVEs

  • CVE-2026-34982
  • CVE-2026-35177
  • CVE-2026-41411
  • CVE-2026-46483

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.8

SRPM
vim-8.0.1763-20.el8_8.2.src.rpm SHA-256: f3f573dada56f8b993c1e95d45d021b73ac9a8fb7c79ea30bd965ab7ef5301b7
x86_64
vim-X11-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: eaf8149222e6d667d835f0cc00611e9ce2e2579796d1b2e4904d7cf3e0cd2e8c
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-common-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 2cc9046aa76733007f80f22032a3aca0339a7f6b41398712571de817aca8e4aa
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-enhanced-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7dad5d3edf78a512204c557e67f5653581ce35f51d1100f01dce3acf90ece650
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-filesystem-8.0.1763-20.el8_8.2.noarch.rpm SHA-256: 7523581bdf97f624f3e690c366b5babdb53782bad0994d677798f603c0cc2171
vim-minimal-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7e5beab3562cdc61170930dc56b3e8414467b26d831bd31d710172c610399499
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
vim-8.0.1763-20.el8_8.2.src.rpm SHA-256: f3f573dada56f8b993c1e95d45d021b73ac9a8fb7c79ea30bd965ab7ef5301b7
x86_64
vim-X11-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: eaf8149222e6d667d835f0cc00611e9ce2e2579796d1b2e4904d7cf3e0cd2e8c
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-common-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 2cc9046aa76733007f80f22032a3aca0339a7f6b41398712571de817aca8e4aa
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-enhanced-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7dad5d3edf78a512204c557e67f5653581ce35f51d1100f01dce3acf90ece650
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-filesystem-8.0.1763-20.el8_8.2.noarch.rpm SHA-256: 7523581bdf97f624f3e690c366b5babdb53782bad0994d677798f603c0cc2171
vim-minimal-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7e5beab3562cdc61170930dc56b3e8414467b26d831bd31d710172c610399499
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
vim-8.0.1763-20.el8_8.2.src.rpm SHA-256: f3f573dada56f8b993c1e95d45d021b73ac9a8fb7c79ea30bd965ab7ef5301b7
ppc64le
vim-X11-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: a9da866daff31927dbcd95dcdff2735a617459623aa9195af5330354e097da17
vim-X11-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 8466140d42acc6c13a261cf178d3ff22d4af38ff1385ff82f203b0b33a2f1a9c
vim-X11-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 8466140d42acc6c13a261cf178d3ff22d4af38ff1385ff82f203b0b33a2f1a9c
vim-common-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 226b7ed4259ba58dfbf61a3aa13aba799472f5250b665c0548758d7ff6c02f76
vim-common-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 2d668e34a684f7368fc990b9e68e7d5dd7871026502c00c9d11fd6cebbb2520c
vim-common-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 2d668e34a684f7368fc990b9e68e7d5dd7871026502c00c9d11fd6cebbb2520c
vim-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: afb7592fca0c1b57b1db3072c3ae511bb80194da5fe4f327354a35932ed143e2
vim-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: afb7592fca0c1b57b1db3072c3ae511bb80194da5fe4f327354a35932ed143e2
vim-debugsource-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 622bcfba9865398b348e26a8b167c361e43757bc2955be06e299c960d296b728
vim-debugsource-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 622bcfba9865398b348e26a8b167c361e43757bc2955be06e299c960d296b728
vim-enhanced-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 8625f38428f7024530c5730c9978531c636f2f628bccb5685e6b77043278334b
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 4f43b2efd155dd2af5d9ba447c2a4083b647fccf6280f759a4b8b32a29ae88e7
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 4f43b2efd155dd2af5d9ba447c2a4083b647fccf6280f759a4b8b32a29ae88e7
vim-filesystem-8.0.1763-20.el8_8.2.noarch.rpm SHA-256: 7523581bdf97f624f3e690c366b5babdb53782bad0994d677798f603c0cc2171
vim-minimal-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: 47fe809e7e5c1537cfc23ad477dc9a1e09c48cd06c01a94ab0fa5e71f15eebcb
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: da6e925d15b247f9571f4b6152ee32f1dbdc129a908fb068e1ba45501ae85788
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.ppc64le.rpm SHA-256: da6e925d15b247f9571f4b6152ee32f1dbdc129a908fb068e1ba45501ae85788

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
vim-8.0.1763-20.el8_8.2.src.rpm SHA-256: f3f573dada56f8b993c1e95d45d021b73ac9a8fb7c79ea30bd965ab7ef5301b7
x86_64
vim-X11-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: eaf8149222e6d667d835f0cc00611e9ce2e2579796d1b2e4904d7cf3e0cd2e8c
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-X11-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fc9611e04b1a292a66b255af93e961f1daa3904dba93e9a5fb4cf2dc813da420
vim-common-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 2cc9046aa76733007f80f22032a3aca0339a7f6b41398712571de817aca8e4aa
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-common-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: f409df898f6d92c66081ad198b8891cfab8e96f15111933e7023cd9c3dae444b
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: fb4b856f01c44d5ddb9718f6dd5634b9a193a66f3e070dc64a984f9401ef6eee
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-debugsource-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 5b3729398abca44a5a1f607ba476203b6911067d5821de54d40c99e0d28689f3
vim-enhanced-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7dad5d3edf78a512204c557e67f5653581ce35f51d1100f01dce3acf90ece650
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-enhanced-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 3b956c7b7d532a55d2efd39d1c07fbf9af3d1b2ada898356f6181064a6648570
vim-filesystem-8.0.1763-20.el8_8.2.noarch.rpm SHA-256: 7523581bdf97f624f3e690c366b5babdb53782bad0994d677798f603c0cc2171
vim-minimal-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 7e5beab3562cdc61170930dc56b3e8414467b26d831bd31d710172c610399499
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685
vim-minimal-debuginfo-8.0.1763-20.el8_8.2.x86_64.rpm SHA-256: 9ec14a848b16627d73dfbc3cafe9160fa8a80da4d76532bb2aa2890a93ec0685

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility